From 87e5dd2bfd293f229bab472e946ef12580facf6c Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Fri, 25 Sep 2015 19:49:39 +0200 Subject: Add a test for when merge backup fails. Also, avoid tracebacks on ECONNREFUSED by catching urrllib2.URLError. --- Makefile | 19 +++++++++++++++++-- tools/certtools.py | 3 +++ tools/loginfo.py | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ tools/mergetools.py | 40 ++++++++++++++++++++++++++++++++++++++-- 4 files changed, 106 insertions(+), 4 deletions(-) create mode 100755 tools/loginfo.py diff --git a/Makefile b/Makefile index 4f16707..5435c43 100644 --- a/Makefile +++ b/Makefile @@ -104,6 +104,21 @@ tests-run: @(cd $(INSTDIR) && python ../tools/comparecert.py ../tools/testcerts/pre1.txt:../tools/testcerts/pre2.txt fetchcertstore/00000005:fetchcertstore/00000006) || (echo "Verification failed" ; false) @(cd $(INSTDIR) && python ../tools/storagegc.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-1.cfg) || (echo "GC failed" ; false) + @./tools/to_catlfish.py to_erl test/nodes/merge-2/ "init:stop()" + @(cd $(INSTDIR) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert6.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) + @echo NOTE: merge backup should fail with 111 Connection refused + @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) + @(cd $(INSTDIR) && treesize=$$(../tools/loginfo.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) ; \ + test "$$treesize" = "7" || (echo "Tree size $$treesize != expected 7" ; false)) + @(cd $(INSTDIR) && bin/run_erl -daemon ../test/nodes/merge-2/ ../test/nodes/merge-2/log/ "exec bin/erl -config merge-2") + @for i in 1 2 3 4 5 6 7 8 9 10; do \ + echo "waiting for system to start" ; \ + sleep 0.5 ; \ + if curl -s --cacert $(INSTDIR)/tests/httpsca/demoCA/cacert.pem -4 https://localhost:8181 > /dev/null ; then break; fi ; \ + done + @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) + @(cd $(INSTDIR) && treesize=$$(../tools/loginfo.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) ; \ + test "$$treesize" = "8" || (echo "Tree size $$treesize != expected 8" ; false)) tests-run2: @(cd $(INSTDIR) ; python ../tools/verifysct.py --sct-file=submittedcerts --parallel 1 $(BASEURL) --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || echo "Verification of SCT:s failed" @@ -165,12 +180,12 @@ tests: @make tests-makemk @make tests-prepare @make tests-start - @make tests-run || (make tests-stop ; false) + @make tests-run || (sleep 5; make tests-stop ; false) @make tests-wait @make tests-stop @make tests-wait @make tests-start - @make tests-run2 || (make tests-stop ; false) + @make tests-run2 || (sleep 5; make tests-stop ; false) @make tests-wait @make tests-stop diff --git a/tools/certtools.py b/tools/certtools.py index 49f4b34..6cb4f55 100644 --- a/tools/certtools.py +++ b/tools/certtools.py @@ -311,6 +311,9 @@ def get_signature(baseurl, data, key=None): result = http_request(baseurl + "plop/v1/signing/sth", params, key=key) parsed_result = json.loads(result) return base64.b64decode(parsed_result.get(u"result")) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: get_signature", e.reason + sys.exit(1) except urllib2.HTTPError, e: print "ERROR: get_signature", e.read() raise e diff --git a/tools/loginfo.py b/tools/loginfo.py new file mode 100755 index 0000000..c61ad1b --- /dev/null +++ b/tools/loginfo.py @@ -0,0 +1,48 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (c) 2015, NORDUnet A/S. +# See LICENSE for licensing information. + +import sys +import argparse +import yaml +from certtools import create_ssl_context, get_sth + +def main(): + parser = argparse.ArgumentParser(description='') + parser.add_argument('--raw', action='store_true', + help="Print all") + parser.add_argument('--timestamp', action='store_true', + help="Print timestamp") + parser.add_argument('--roothash', action='store_true', + help="Print root hash") + parser.add_argument('--treesize', action='store_true', + help="Print tree size") + parser.add_argument('--signature', action='store_true', + help="Print signature") + parser.add_argument('--config', help="System configuration", required=True) + parser.add_argument('--localconfig', help="Local configuration", + required=True) + parser.add_argument('baseurl', help="Log base URL") + args = parser.parse_args() + #config = yaml.load(open(args.config)) + localconfig = yaml.load(open(args.localconfig)) + paths = localconfig["paths"] + + create_ssl_context(cafile=paths["https_cacertfile"]) + sth = get_sth(args.baseurl) + + if args.raw: + print sth + if args.timestamp: + print sth['timestamp'] + if args.roothash: + print sth['sha256_root_hash'] + if args.treesize: + print sth['tree_size'] + if args.signature: + print sth['tree_head_signature'] + +if __name__ == '__main__': + sys.exit(main()) diff --git a/tools/mergetools.py b/tools/mergetools.py index 7b674de..89ba7b2 100644 --- a/tools/mergetools.py +++ b/tools/mergetools.py @@ -172,6 +172,9 @@ def get_new_entries(node, baseurl, own_key, paths): entry in parsed_result[u"entries"]] print >>sys.stderr, "ERROR: fetchnewentries", parsed_result sys.exit(1) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: fetchnewentries", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: fetchnewentries", e.read() sys.exit(1) @@ -193,6 +196,9 @@ def get_entries(node, baseurl, own_key, paths, hashes): return entries print >>sys.stderr, "ERROR: getentry", parsed_result sys.exit(1) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: getentry", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: getentry", e.read() sys.exit(1) @@ -207,6 +213,9 @@ def get_curpos(node, baseurl, own_key, paths): return parsed_result[u"position"] print >>sys.stderr, "ERROR: currentposition", parsed_result sys.exit(1) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: currentposition", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: currentposition", e.read() sys.exit(1) @@ -221,6 +230,9 @@ def get_verifiedsize(node, baseurl, own_key, paths): return parsed_result[u"size"] print >>sys.stderr, "ERROR: verifiedsize", parsed_result sys.exit(1) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: verifiedsize", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: verifiedsize", e.read() sys.exit(1) @@ -232,6 +244,9 @@ def sendlog(node, baseurl, own_key, paths, submission): json.dumps(submission), key=own_key, verifynode=node, publickeydir=paths["publickeys"]) return json.loads(result) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: sendlog", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: sendlog", e.read() sys.stderr.flush() @@ -251,8 +266,11 @@ def backup_sendlog(node, baseurl, own_key, paths, submission): json.dumps(submission), key=own_key, verifynode=node, publickeydir=paths["publickeys"]) return json.loads(result) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: backup_sendlog", e.reason + sys.exit(1) except urllib2.HTTPError, e: - print >>sys.stderr, "ERROR: sendlog", e.read() + print >>sys.stderr, "ERROR: backup_sendlog", e.read() sys.stderr.flush() return None except ValueError, e: @@ -272,6 +290,9 @@ def sendentry(node, baseurl, own_key, paths, entry, ehash): "treeleafhash":base64.b64encode(ehash)}), key=own_key, verifynode=node, publickeydir=paths["publickeys"]) return json.loads(result) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: sendentry", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: sendentry", e.read() sys.exit(1) @@ -292,8 +313,11 @@ def sendentry_merge(node, baseurl, own_key, paths, entry, ehash): "treeleafhash":base64.b64encode(ehash)}), key=own_key, verifynode=node, publickeydir=paths["publickeys"]) return json.loads(result) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: sendentry_merge", e.reason + sys.exit(1) except urllib2.HTTPError, e: - print >>sys.stderr, "ERROR: sendentry", e.read() + print >>sys.stderr, "ERROR: sendentry_merge", e.read() sys.exit(1) except ValueError, e: print >>sys.stderr, "==== FAILED REQUEST ====" @@ -328,6 +352,9 @@ def verifyroot(node, baseurl, own_key, paths, treesize): json.dumps({"tree_size":treesize}), key=own_key, verifynode=node, publickeydir=paths["publickeys"]) return json.loads(result) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: verifyroot", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: verifyroot", e.read() sys.exit(1) @@ -346,6 +373,9 @@ def setverifiedsize(node, baseurl, own_key, paths, treesize): json.dumps({"size":treesize}), key=own_key, verifynode=node, publickeydir=paths["publickeys"]) return json.loads(result) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: setverifiedsize", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: setverifiedsize", e.read() sys.exit(1) @@ -368,6 +398,9 @@ def get_missingentries(node, baseurl, own_key, paths): return parsed_result[u"entries"] print >>sys.stderr, "ERROR: missingentries", parsed_result sys.exit(1) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: missingentries", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: missingentries", e.read() sys.exit(1) @@ -382,6 +415,9 @@ def get_missingentriesforbackup(node, baseurl, own_key, paths): return parsed_result[u"entries"] print >>sys.stderr, "ERROR: missingentriesforbackup", parsed_result sys.exit(1) + except urllib2.URLError, e: + print >>sys.stderr, "ERROR: missingentriesforbackup", e.reason + sys.exit(1) except urllib2.HTTPError, e: print >>sys.stderr, "ERROR: missingentriesforbackup", e.read() sys.exit(1) -- cgit v1.1